In one of the environments I manage, they use a product called Netwrix Auditor. Now, if you’ve been familiar with Netwrix Auditor, you may have experienced issues during maintenance periods where you’d generate a lot of errors in your Netwrix log as the services attempted to collect while the system was still updating both prior to and right after reboot.

While some suggested I just stop the services prior to reboot, I found this method to be slightly problematic because if the server started up and started all the regular services while still completing the update process, I’d still have a slew of errors. I’d sometimes even have to reboot a second time just to get everything back to normal. While the errors and warnings generated are often benign, I rather have less of them to be concerned with or have to explain to an executive or an auditor.

So to tackle this concern, I developed a more scripted way of handling this issue through PowerShell, which I am sharing with the community.

The script will document your running Netwrix services, stop the services, and mark them as disabled (temporarily) to ensure that you can reboot without the services automatically starting. Then, when you are ready to start the services, it sets the services back to automatic and starts them. It generates a full transcript of its activities and has some basic error handling.

To view the script and additional technical details, please click here.  Feel free to share your thoughts or suggestions for improvements below in the comments.